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Amendments to the Claims 
Please amend the claims of the present application as set forth below. 

Claims 1 - 37 were originally filed. 

New Claims 38 - 43 are added in this response. 

Claims 1 - 43 are pending, 

1. (original) A method for controlling access to a server device by 
at least one client device that is operatively coupled to the server device through at 
least one interconnecting network^ the method comprising: 

causing a user-side portion of a network server logic within the server 
device to selectively specify at least one network from which the user-side portion 
would accept client device information; and 

causing a kernel-side portion of the network server logic to accept the client 
device information only if the client device information has been provided via the 
specified network, 

2. (original) The method as recited in Claim 1, further comprising: 
if the client device information has not been provided via the specified 

network, causing the kemel-side portion to reject the client device information and 
notify the client device in a manner that identifies the rejection. 

3. (original) The method as recited in Claim 2, wherein the 
kemel-side portion notifies the client device using at least one message selected 
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from a group of messages comprising a TCP reset message and an ICMP 
destination unreachable message, as applicable. 

4. (original) The method as recited in Claim 1, further comprising: 
providing a communication socket for use by the kernel-side portion; and 
causing the kemel-sidc portion to compare client device information 

received on the conraiunication socket to the specified network. 

5. (original) The method as recited in Claim 1, wherein causing the 
user-side portion to selectively specify at least one network from which the user- 
side portion would accept the client device information, further includes causing 
the user-side portion to selectively specify a plurality of networks from which the 
user-side portion would accept the client device information; and 

wherein causing the kemel-side portion to accept the client device 
information only if the client device information has been provided via the 
specified network, further includes causing the kemel-side portion to accept the 
client device information only if the client device information has been provided 
via at least one of the specified pluraliQ^ of networks, 

6. (original) The method as recited in Claim 1» wherein causing the 
user-side portion to selectively specify the at least one network from which the 
user-side portion would accept the client device information further includes 
having the user-side portion specify at least one local network interface. 
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7. (original) The method as recited in Claim 1, wherein causing the 
user-side portion to selectively specify the at least one network from which the 
user-side portion would accept the client device information fUrther includes 
4 having the user-side portion specify at least one IP address. 

5 



8. (original) the method as recited in Claim 1 , wherein the network 

8 server logic is operatively configured to support at least one client-server based 

9 process selected from a group of processes comprising a file-sharing 
!o communication process, a TCP-based communication process, a UDP-based 

11 communication process, a HTTP-based communication process, a digital media 

12 based communication process, a DNS-based communication process, and a 

13 database related communication process. 

14 

15 9. (original) The method as recited in Claim 1, wherein the user- 

16 side portion includes an application-programming interface (API) operatively 

17 configured to allow an application to specify the at least one network from which 

18 the user-side portion would accept the client device information, 

19 

20 10. (original) The method as recited in Claim 9, wherein the API is 

21 further operatively configured to allow the application to specify a listing of 

22 networks from which the user-side portion would accept the client device 

23 information. 

24 

25 
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11. (Original) The method as recited in Claim 10, wherein the API is 
fiirther operatively configured to allow the application to selectively modify the 
listing of networks from which the user-side portion would accept the client device 
information. 

12. (original) The method as recited in Claim 1, wherein the kernel- 
side portion includes a TCP/IP driver. 

13. (original) A computer-readable medium having computer- 
executable instructions for performing steps comprising: 

causing a user-side portion of a network server logic within a server device 
to selectively specify at least one network from which the user-side portion would 
accept client device inforaiation; and 

causing a kernel-side portion of the network server logic to accept the 
client device information only if the client device information has been provided 
via the specified network. 

14. (original) The computer-readable medium as recited in Claim 13, 
further comprising computer-executable instructions for: 

if the client device information has not been provided via the specified 
network, causing the kernel-side portion to reject the client device information and 
notify the client device in a manner that identifies the rejection. 

15. (original) The computer-readable medium as recited in Claim 14;, 
wherein the kernel-side portion notifies the client device using at least one 
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message selected from a group of messages comprising a TCP reset message and 
an ICMP destination unreachable message, as applicable. 

16. (original) The computer-readable medium as recited in Claim 13, 
further comprising computer-executable instructions for: 

providing a communication socket for use by the kernel-side portion; and 
causing the kernel-side portion to compare client device information 
received on the communication socket to the specified network. 

17. (original) The computer-readable medium as recited in Claim 13, 
wherein causing the user-side portion to selectively specify at least one network 
from which the user-side portion would accept the client device information, 
further includes causing the user- side portion to selectively specify a plurality of 
networks from which the user-side portion would accept the client device 
infomiation; and 

wherein causing the kernel-side portion to accept the client device 
information only if the client device information has been provided via the 
specified network, further includes causing the kemeNside portion to accept the 
client device information only if the client device information has been provided 
via at least one of the specified plurality of networks. 

18. (origmal) The computer-readable medium as recited in Claim 13, 
wherein causing the user-side portion to selectively specify the at least one 
network from which the user-side portion would accept the client device 
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information ftirther includes having the user-side portion specify at least one local 
network interface. 

19. (original) The computer-readable medium as recited in Claim 13, 
wherein causing the user-side portion to selectively specify the at least one 
network from which the user-side portion would accept the client device 
information further includes having the user-side portion specify at least one IP 
address. 

20. (original) The computer-readable medium as recited in Claim 13, 
wherein the network server logic is operatively configured to support at least one 
client-server based process selected from a group of processes comprising a file- 
sharing communication process, a TCP-based communication process, a UDP- 
based communication process, a HTTP-based communication process, a digital 
media based communication process, a DNS-based communication process, and a 
database related communication process. 

21. (original) The computer-readable medium as recited in Claim 13, 
wherein the user-side portion includes an application-programming interface (API) 
operatively configured to allow an application to specify the at least one network 
firom which the user-side portion would accept the client device inforaiation. 

22. (original) The computer-readable medium as recited in Claim 21, 
wherein the API is further operatively configured to allow the application to 
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Specify a listing of networks from which the user-side portion would accept the 
client device information. 

23. (original) The computer-readable medium as recited in Claim 22, 
wherein the API is fiirther operatively configured to allow the application to 
selectively modify the listing of networks from which the user-side portion would 
accept the client device information. 

24. (original) The computer-readable medium as recited in Claim 13, 
wherein the kernel-side portion includes a TCP/IP driver. 

25. (original) A method for establishing per-socket interface listings, 
the method comprising the steps of: 

a) issuing, by a user-side application, at least one network identifier 
from which the user-side application would accept client device information; 

b) receiving, by a user-side portion of a network server process, the at 
least one network identifier; 

c) issuing, by the user-side portion, the at least one network identifier; 

and 

d) receiving, by a kernel-side portion of a network server process, the at 
least one network identifier. 
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26. (original) An apparatus comprising: 
memory; and 

network server logic, operatively coupled to the memory and configurable 
to support at least one client-server communication session, the network server 
logic having: 

a user-side portion that is configured to selectively specify at least one 
network from which the user-side portion would accept client device information, 
and 

a kemel-side portion that is configured to accept the client device 
information only if the client device information has been provided via the 
specified network. 

21. (original) The apparatus as recited in Claim 26, wherein if the 
client device information has not been provided via the specified network, the 
kemel-side portion is fiirther configured to reject the client device information and 
notify the client device in a manner that identifies the rejection. 

28 (original) The apparatus as recited in Claim 27, wherein the 
kemel-side portion is configured to notify the client device using at least one 
message selected from a group of messages comprising a TCP reset message and 
an ICMP destination unreachable message, as applicable. 
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29. (original) The apparatus as recited in Claim 26, further 
comprising: 

a communication socket for use by the kemel-side portion during the 
communications session, and wherein the kemel-side portion is further configured 
to compare client device information received on the communication socket to the 
specified network. 

30. (original) The apparatus as recited in Claim 26, wherein is 
further configured to selectively specify a plurality of networks from which the 
user-side portion would accept the client device information; and 

wherein the kemel-side portion is further configured to accept the client 
device information only if the client device inforaiation has been provided via at 
least one of the specified plurality of networks. 

3 1 . (original) The apparatus as recited in Claim 26, wherein the user- 
side portion is further configured to specify at least one local network interface. 

32. (original) The apparatus as recited in Claim 26, wherein the user- 
side portion is further configured to specify at least one IP address. 
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33. (original) The apparatxjs as recited in Claim 26, wherein the 
communication session is fiirther configxired to support at least one communication 
process selected from a group of communication processes comprising a file- 
sharing communication process, a TCP-based communication process, a UDP- 
based communication process, a HTTP-based communication process, a digital 
media based communication process, a DNS-based commxmication process, and a 
database related communication process. 

34. (original) The apparatus as recited in Claim 26, wherein the user- 
side portion includes: 

an application-programming interface (API) operatively configurable to 
allow an application to specify the at least one network from which the user-side 
portion would accept the client device information. 

35. (original) The apparatus as recited in Claim 34, wherein the API 
is further operatively configurable to allow the application to specify a listing of 
networks from which the user-side portion would accept the client device 
information. 

36. (original) The apparatus as recited in Claim 35, wherein the API 
is further operatively configurable to allow the application to selectively modify 
the listing of networks from which the user-side portion would accept the client 
device information. 
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37* (original) The apparatus as recited in Claim 26, wherein the 
kernel-side portion includes a TCP/IP driver. 

38. (new) A method for controlling connections to a server device 
comprising: 

creating a listening socket bound to a wildcard network interface; 

specifying a list of local network interfaces on which connection is 
permitted through the listening socket; 

accepting a request for connection on the listening socket only if the request 
is received on one of the local network interfaces specified in the list of local 
network interfaces, 

39. (new) The method as recited in claim 38 further comprising: 
receiving a request for connection on a network interface; 

querying a network stack to determine the network interface on which the 
request was received; 

comparing the network mterface to each of the local network interfaces 
specified in the list of local network interfaces. 

40. (new) The method as recited in claim 38 further comprising; 
receiving a request for cormection on a network interface; 
identifying the network interface in the list of local network interfaces. 

41. (new) The method as recited in claim 38 wherein the specifying 
comprises specifying a list of internet protocol (IP) addresses. 
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42. (new) The method as recited in claim 38 further comprising: in 
response to an application issuing a control message, adding a local network 
interface to the list of local network interfaces. 

43, (new) The method as recited in claim 38 further comprising; in 
response to an application issuing a control message, deleting a local network 
interface from the list of local network interfaces. 
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